Verification on Jammy: ====================== 1. Reproduce with snapd 2.67.1+22.04
Version --------------- snap version snap 2.70 snapd 2.67.1+22.04 series 16 ubuntu 22.04 kernel 5.15.0-144-generic Try setpriv ---------------- ubuntu@sovereign-boa:~$ test-snapd-sh-core24.sh $ cd $SNAP $ ls bin meta $ /usr/bin/setpriv ls /bin/sh: 3: /usr/bin/setpriv: Permission denied Inspect log: --------------- = AppArmor = Time: Jul 30 10:50:09 Log: apparmor="DENIED" operation="exec" profile="snap.test-snapd-sh-core24.sh" name="/usr/bin/setpriv" pid=68936 comm="sh" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 File: /usr/bin/setpriv (exec) So clearly the bug can be reproduced. 2. Show bug does not exist with snapd 2.68.5+22.04 Version --------------- snap version snap 2.70 snapd 2.68.5+ubuntu22.04.1 series 16 ubuntu 22.04 kernel 5.15.0-144-generic Try setpriv ---------------- test-snapd-sh-core24.sh $ cd $SNAP $ ls bin meta $ /usr/bin/setpriv ls bin meta $ Inspect log: --------------- no denials in log PASS Verification on Noble and Plucky: ====================== Repeated test on Noble and Plucky: PASS ** Tags removed: verification-needed verification-needed-focal verification-needed-jammy verification-needed-noble verification-needed-plucky ** Tags added: verification-done-jammy verification-done-noble verification-done-plucky -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2072987 Title: Add /usr/bin/setpriv to the AppArmor template / allow list To manage notifications about this bug go to: https://bugs.launchpad.net/snapd/+bug/2072987/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
